Versions Compared

Old Version 5

changes.mady.by.user Łukasz Surdej

Saved on

compared with

New Version Current

changes.mady.by.user Łukasz Surdej

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Bootloader and application image are loaded to flash.

...

Load images to device using FlashPro/GangPro-ARM software - option with external flash connected via SPI

It is recommended to program an external flash before the main flash in case of any bootloader issues.

  1. In main window click Add/Edit external flash (EF) button to configure connected EF.

...

  1. Configure the type of connected EF, the communication interface, and the address space. Then click OK.

...

  1. Select form menu Setup → Memory Options. In Memory Options window select Address Range: External Flash only and click OK.

...

  1. Open code file for external flash. Leave Memory protection unchecked and perform Auto program.

...

  1. External flash should be programmed.

...

  1. Now load bootloader and application images to internal flash. Select form menu Setup → Memory Options. In Memory Options window select Address Range: Flash memory only and click OK.

...

  1. Open code file with signed bootloader image and append code file with signed application image.

...

  1. Next Perform Auto program. Bootloader and application images should be loaded into internal flash.

...

III. Provision Key, Enable Secure Boot and Enable Debug Lock using FlashPro/GangPro-ARM

...

  1. Device status is also displayed in main window.

...

Code Block
=====================================
SE Read serial number		OK
  SN=0000000000000000BC026EFFFE90EA5A
SE Get chalenge			    OK
  challenge=42E019ED32348E7DF04801BFEB5D6CC6

SE Read status			    OK
Status:
   Debug Lock	   : Disabled
   Sec. Debug Lock : Disabled
   Device Erase	   : Enabled
   Secure Boot	   : Disabled
   Boot status	   : 00000020
   Tamper status   : 00000001
   SE FW ver.	   : 00010210
   Host FW ver.	   : 02030002

SE Read lock status		 OK
TrustZone Debug Options: 
   DBGLOCK	 : Disabled
   NIDLOCK	 : Disabled
   SPIDLOCK	 : Disabled
   SPNIDLOCK : Disabled

SE Reading Command Key... No response.
SE Reading Sign Key... No response.
SE Reading OTP configuration... No response.
 -------- D O N E --- ( run time =   0.5 sec.)

...

  1. To load keys to device check corresponding “Enable Load“ check-boxes and select the key files.

...

  1. Extended device status is added to the report in main window.

...

  1. At the end of programming cycle device can be locked. Go to Secure Engine (SE) dialog, disable Device Erase and lock debug port (Debug Lock and Secure Debug Lock enable). Specify also Debug Restrictions for a TrustZone aware application. This configuration is irreversible and allows debug port to be unlocked with Debug unlock token only.

...

  1. As OTP was already programmed, disable keys and OTP configuration loading and click OK to save configuration.

...

  1. In main window clicking Lock Device to load configuration to device and generate Debug Unlock Token.

...

  1. This step ends production programming.

Note

If Unlock device by token is enabled, the application will try to unlock debug port using Debug Unlock Token after an unsuccessful attempt to connect to the device. The token should be located in the following path: SecurityStore\device_(SerialNumber)\challenge_(challenge)\ .

...